Proposal Information
Proposal summary:
We need a list of default auditors to streamline the audit process as ongoing development needs arise.
Previous work on the proposal area:
The suggested auditors have audited high-profile DeFi products such as Aave, Gnosis Safe, Compound, etc.
Proposal description:
Authorize the following independent auditors for code and infrastructure review of Aragon products:
- ConsenSys Diligence
- Coinspect
- ZKLabs
- OpenZeppelin
- ChainSecurity
- Runtime Verification, Inc. (RV)
- Trail of Bits
- CertiK
- Sigma Prime
- PeckShield
- MixBytes
- Certora
Proposal Rationale:
Independent auditing of smart contracts, code, and infrastructure in general is good practice for all financial and other high-risk products. It is required to increase their security, which leads to more trust in and adoption of Aragon products.
Limitations of any benefits mentioned above:
A successful security audit doesn’t eliminate the possibility of security vulnerabilities; it decreases the risks and helps to find security problems missed by the team. It doesn’t eliminate the need for code reviews, automatic tests, and other practices that improve the security and quality of code.
Expected duration or delivery date (if applicable):
Not applicable; the list will be used when required.
Team Information
Tech committee of Aragon Network DAO (more info about members).
- Nivida
- Wenzel
- P4u
Skills and previous experience in related or similar work:
This kind of work is delegated to the tech committee of Aragon Network DAO by the Charter.
Funding Information
Not applicable, no upfront funding is required
Escrow where funds shall be transferred:
Not applicable, no upfront funding is required
More detailed description of how funds will be handled and used:
Not applicable, no upfront funding is required